selfsdk 0.0.128 → 0.0.129
- checksums.yaml +4 -4
- data/lib/client.rb +1 -0
- data/lib/messages/attestation.rb +4 -3
- data/lib/messages/base.rb +4 -3
- data/lib/messaging.rb +1 -1
- data/lib/services/identity.rb +3 -2
- metadata +1 -1
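--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7ba1c83bef5db464131c2343e7f81500c1e5175fd9f740b7563dad90613dd73c
+data.tar.gz: 12c89161d2837b4f6dba855b43bd554fcb6380dbd207fe7482e9f9fcef4d8493
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bd1a8234d5d4ba9ef9589ed41e2a60e9313aa2ba45d3de46f428db95e716125dc9213dff852025643e2c1bafc9342cb3e823eb435e3ed903947161d08c9252bb
+data.tar.gz: 52c50572cf2587106fb160b3042faeb8c129d2bc35d8df9ee6a29a1b7617af7723be54a16b43190c774ed93a4d694a0cfacc85e0882b5867229f8fdd0ce0c390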
data/lib/client.rb
CHANGED
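--- a/data/lib/messages/attestation.rb
+++ b/data/lib/messages/attestation.rb
@@ -15,7 +15,8 @@ module SelfSDK
 @to = payload[:sub]
 @audience = payload[:aud]
 @source = payload[:source]
-
+header = JSON.parse(@messaging.jwt.decode(attestation[:protected]), symbolize_names: true)
+@verified = valid_signature?(attestation, header[:kid])
 @expected_value = payload[:expected_value]
 @operator = payload[:operator]
 @fact_name = name.to_s
@@ -24,8 +25,8 @@ module SelfSDK
 end
 end
 
-def valid_signature?(body)
-k = @messaging.client.
+def valid_signature?(body, kid)
+k = @messaging.client.public_key(@origin, kid).raw_public_key
 raise ::StandardError.new("invalid signature") unless @messaging.jwt.verify(body, k)
 
 true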
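Review bot: A missing or unknown `kid` is not handled where the new lines call `public_key(@origin, kid).raw_public_key` in `valid_signature?`: `header[:kid]` comes from the protected header, which is parsed before any signature check, so a message without `kid` (or with one the lookup does not know) fails with whatever the lookup or the chained `.raw_public_key` raises instead of the `invalid signature` error. A guard ahead of the lookup, such as `raise ::StandardError.new("invalid signature") if kid.to_s.empty?`, keeps malformed attestations on the one rejection path. `verify!` in data/lib/messages/base.rb has the same shape, and there a lookup failure would skip the `skipping message, invalid signature` log line. Whether `public_key` only returns keys registered to `@origin` is not visible here and is worth confirming, because the `kid` is chosen by the sender. Both methods extend beyond the hunks shown.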
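--- a/data/lib/messages/base.rb
+++ b/data/lib/messages/base.rb
@@ -72,13 +72,14 @@ module SelfSDK
 
 jwt = JSON.parse(body, symbolize_names: true)
 payload = JSON.parse(@jwt.decode(jwt[:payload]), symbolize_names: true)
+header = JSON.parse(@jwt.decode(jwt[:protected]), symbolize_names: true)
 @from = payload[:iss]
-verify! jwt
+verify! jwt, header[:kid]
 payload
 end
 
-def verify!(jwt)
-k = @client.
+def verify!(jwt, kid)
+k = @client.public_key(@from, kid).raw_public_key
 return if @jwt.verify(jwt, k)
 
 SelfSDK.logger.info "skipping message, invalid signature"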
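--- a/data/lib/messaging.rb
+++ b/data/lib/messaging.rb
@@ -44,7 +44,7 @@ module SelfSDK
 @offset_file = "#{@storage_dir}/#{@jwt.id}:#{@device_id}.offset"
 @offset = read_offset
 
-FileUtils.mkdir_p @storage_dir unless File.
+FileUtils.mkdir_p @storage_dir unless File.exist? @storage_dir
 
 if options.include? :ws
 @ws = options[:ws]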
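--- a/data/lib/services/identity.rb
+++ b/data/lib/services/identity.rb
@@ -27,9 +27,10 @@ module SelfSDK
 # Gets an identity public keys
 #
 # @param [String] selfid gets the identity details (app/user)
+# @param [String] kid the public key id.
 # @return [Array] with the identity public keys
-def
-@client.
+def public_key(selfid, kid)
+@client.public_key(selfid, kid).public_key
 end
 
 # Gets an app/identity details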
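Review bot: The YARD block above `public_key(selfid, kid)` still reads `# Gets an identity public keys` and `# @return [Array] with the identity public keys`, while the new body returns `@client.public_key(selfid, kid).public_key`, which looks like a single key for one key id rather than an array. I would change the summary to `# Gets the public key of an identity for the given key id` and rewrite the return tag to describe that one value, with its type confirmed against the client. The comment should also say what the caller gets when `kid` does not match any key of `selfid`, since the chained `.public_key` call suggests a failed lookup would raise rather than return nil.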